Help! PHP cannot write to any files in my web directory. I don't know why! I have the permissions of the file set to 777, but it is not working! Here is the code in question:
<?php
if ($f=fopen('test.txt', 'a'))
echo 'file opened';
fclose($f);
Nothing is being echoed! I don't know why :(.. the userid and gid is 0:0 from the script, and if I try to chown to that it doesn't work.
Please help I need this fixed asap this should be an easy thing to do but the damn server is being difficult.
And its running on Cent OS if thats any help..
You'll need to enable the appropriate SELinux booleans and label the directory with the appropriate file context if you want to write files there.
Or you could disable SELinux. But don't do that.
try to use absolute path. might be other dir then you think. also might be network file system that cannot be accessed as root.
If you're just uploading this php to a typical multi user server and you have 777 permissions but cannot write files, the most likely "culprit" is suPHP.
In a system with the suPHP module installed, one cannot have 777 permissions.
You can check for the existence of this installed on your system with phpinfo().
Related
I want to write text file using PHP.
I can write it using fopen and fwrite function on Windows platform. But, that program is not able to write it on Linux Platform.
Is there any solution?
fopen and fwrite work exactly the same on Linux, but you may have a permission issue there. To solve this, you need to check:
the user under which PHP runs (in a vanilla Apache/PHP install, this is usually www-data)
the permissions and ownership of the directory you are trying to write to
What you need is write permission on the directory for the PHP/Apache user. The easiest (and dirtiest) way of achieving this is is to just make the directory world-writable (chmod o+w the_dir), but this is highly insecure, allowing anyone with any kind of access to the system to store stuff there. A better solution is to either make the PHP user the owner of the directory and specify permission 700 (or 755 if you want it to be world-readable), or create a new group, put the PHP user and yourself in that group, set the group on the directory, and set permission 770 (775 for world-readability) on the directory.
It should work, please check the users permission to the directory and/or file.
You always can try this program writing to /tmp/my.log, it should work)
Of course, you can use the same fopen and fwrite functions on Linux.
The only special thing is that the folder where it's written (or at least the file itself) must be given write permissions.
An easy way to test it would be to set the file permission (or its folder) to 777.
fopen and fwrite works on both SO.
Probabily you have permission denied. Try to give write perms on your file on linux.
You can use php chmod func
I recently moved my website to a new host and now am experiencing some broken code..
I have an uploading script that is now returning this:
move_uploaded_file() failed to open
stream: Permission denied in *..
I've set the upload directory to 777 which worked fine, but my script is needed to have top level permissions..
(As the script itself sets permission to directories, does lots of copying etc)
Is there a way in apache I can set the PHP script to the owner of all the folders on my server?
Thanks
Also
When looking in phpInfo()
Under
apache2handler
User/Group nobody(99)/99
Is this related?
I wouldn't go that route, just give it permissions to the defined upload_tmp_dir, or define upload_tmp_dir to be a directory you have access to. If it is that directory you have problems with. If the target is the problem, and you've 777'ed it, something fishy is going on.
Do you have ssh access to your new host? The reason I ask is that it's probably not best to use the username/group as nobody, as most other services would use this too. I would change it to something like apache
You can then update httpd.conf, adding in these two lines (reloading the config after):
User apache
Group apache
Then, run chown apache:apache -R dir_name to make apache own it.
well,
When you are trying to set the permission like "0777", you must be running on same authority.
What I mean is.
For example, your script tells to change a folder/file permission to 0777, but the folder or file already has a permission and that is '0755' so you are not authorised to make that change. as the user have only 5 authority.
Either, you need to login to FTP and change the folder permission to 0777 and then you have full control over it or you have to stick with using 0755 or similar.
I am trying to set up automated .htaccess updating. This clearly needs to be as secure as possible, however right now the best I can do file permission-wise is 666.
What can I do to setup either my server or php code so that my script's fwrite() command will work with 644 or better? For instance is there a way to set my script(s) to run as owner?
EDIT:
I realized I actually just had a permissions issue, you should be able to use fwrite no problem with 644 permissions. See my answer below.
The apache process should always run as apache:apache - if you must enable write permissions in executable (i.e. DocumentRoot) directories, create a group, add apache and set group write permissions (so 664).
It's best to have .htaccess updated by a cron script reading config data from a database, as giving apache write permissions to executable directories is frowned upon in case a vulnerability in your code allows a malicious user to write new files to those directories.
You can't change the process's owner. If you're on a shared server, see if they have suPHP as an option.
These suggestions were great, however I ultimately realized that the answer to my question is YES - and you shouldn't have to do anything at all... as long as the Owner user of the file/directory you are trying to write to is the same user the script is running as. My mistake was that I accidentally had my file ownership out of whack therefore needed higher permissions 666 and 777 in order to write to my files. Which makes sense because Wordpress can write to .htaccess with standard permissions.
Now I have things setup where a file running as user1 is writing to a file owned by user1:user1, and no problems whatsoever. Directories set to 755, .htaccess file set to 644.
I just setup a LAMP development server and am still trouble-shooting some things. The server is installed on one computer and I use a Windows laptop to write my code and test the site via the web browser.
My file uploading script works in that JPEG image files are successfully uploaded to the server, but when I try to view the images in the web browser, permission is denied.
I check the permissions on the file via the server and they are 600. I can fix the issue by chmod 777 theimage.jpg, but this doesn't seem like a good solution at all.
Does the solution have something to do with Apache configuration? Or is there something else I should be doing.
Thank-you,
Mike
Update
To clarify, I am able to upload a JPEG file to /var/www/test/images, but am unable to view the image in the web browser after it has been uploaded. My script works on the production server (I am using Dreamhost). This leads me to believe that the issue is with the development server that I have just setup. Any feedback is greatly appreciated, even if it is just resources that I should read for better understanding the server setup.
You need to change the permissions on the folder containing the file, not just the file itself. Use sudo chmod and sudo chown on the directory that contains the file you want to access, then check to make sure the permissions where changed with the ls -rl command. The permissions used with chmod should be r and w and the directory should read -rw-r--r-- when the ls -rl command is used if the permissions have been changed correctly. Also, if you are still unclear about the specifics of how chmod and chown work check out this link and this link.
EDIT:
Type this:
sudo chmod -R 666 /var/www/test/images
Or this:
sudo chmod a=rw /var/www/test/images
... to do what you want to do. For more explanation see my latest comment entry below.
I'd say you probably are running PHP under a different uid than Apache.
You can:
Configure apache/PHP so that they run under the same uid
Upon file upload, use PHP tochange the permissions with the chmod function or change the umask associated with the PHP process so that the file gets the correct permissions in the first place
Access the images through PHP (readfile) -- not recommended for performance issues
How should I handle image uploading using PHP?
How should I handle the chmod settings?
Example;
I have a dir called /image/ where i want to upload all my images.
Should I set this dir to chmod 777 and leave it like that? Or should i change chmod on that folder via PHP each time I need to upload a image. Is this correct, or should I be doing something else?
As thephpdeveloper mentioned, setting chmod once is enough. All subsequent writes into that directory will not change the directory permissions unless you explicitly chmod it to another permissions somewhere else.
The recommended permissions for directories on a *nix server is 755.
Setting permissions to 777 is not recommended. As mentioned by wic, it gives full permissions to everyone that have access to your server. Which makes it vulnerable if you are on shared hosting or sharing the server with other users.
Also to note is how PHP is run on your server. In fact, if you are running PHP as cgi, example suphp, permissions of 777 for directories are not allowed. Having 777 permissions on the directories your scripts reside in will not run and will instead cause a "500 internal server error" when attempting to execute them.
I recomend chmoding to 755
Only the user running the web server dameon needs permissions to the directory for writing. And you certainly don't want execute permissions on a directory users are uploading to.
Usually, folder settings are set once and that's it. It's rather pointless to keep setting the folder permissions to 777 via PHP, when you have already set it to 777.
No, you dont have to change the permissions on the directory each time. Once set, they are set so to speak.
Using 777 is overkill since it gives full permissions to everyone. Remove the 'x' bit and let apache (or whoever) own the directory. This makes it impossible to list files.